package com.siyuan.blog.config;/*
 *@program:ejiajia

 *@description:

 *@author:X-C

 *@create:2020-05-30 16:58:09
 **/

import com.siyuan.blog.domain.system.Cus;
import com.siyuan.blog.service.system.CusService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

import javax.annotation.Resource;

public class EjjRealm  extends AuthorizingRealm {

    @Resource
    private CusService cusService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //1.将参数中的数据，进行强转为UsernamePasswordToken
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        //2.从参数中获取用户名，根据用户名查询用户的信息
        Cus cus = cusService.findCusByAccount(token.getUsername());
        if (cus == null) {
            return null;
        }
        //3.如果根据用户查询到了用户信息，直接交给Shiro进行验证
//        return new SimpleAuthenticationInfo(userInfo, userInfo.getPassword(), getName());
        //使用Shiro加密认证来进行密码的 加密验证
        // 添加密码加密时的动态密钥：注意：这里指定的密钥，一定要与用户注册时，将密码进行加密的密钥保持相同。
        return new SimpleAuthenticationInfo(cus, cus.getPassword(), ByteSource.Util.bytes(cus.getCount()), getName());
    }
}
